none
Is Outlook 2010 Cached Mode a security risk?

    Question

  • Hi all,

    I'm trying to get an idea of what, if any, security risk is introduced by enabled cached mode in Outlook 2010.  From my reading so far I know that an .OST file can only be used by someone who knows the password, but also that there are many OST-to-PST utilities.  So how likely is it that someone can get the .OST off a stolen laptop, say, and get access to the mail?

    Is there any "built-in" security surrounding cached mode, or is the best bet to simply use layered security including drive encryption?

    Thanks,

    - Steve

    Thursday, August 05, 2010 3:45 PM

Answers

  • Hi Steve,

    Per my known, Exchange not support a method exactly for encryprion and security for your client data, at the other hand, many user need to open the ost when some information lost. Sure, if you want to do some security for your data, you could chose other method.

    Regards!
    Gavin
    • Marked as answer by Gavin-Zhang Friday, August 13, 2010 10:14 AM
    Tuesday, August 10, 2010 3:26 AM

All replies

  • I would look at drive encryption. .osts can be compromised. There are products that can read .osts. For example:

    http://www.recoverytoolbox.com/open_ost_files.html

     

     

    Thursday, August 05, 2010 10:18 PM
  • I would suggest using hardware security certificate so no other hardware can download your OST, or you may wonna use RSA...

     

    my two cents..

    Friday, August 06, 2010 12:41 AM
  • Hi MTwaishi,

    Thanks!  I'm not quite sure what you are suggesting.  In what way can a cert be used in conjunction with the OST?  Is this something that can be implemented in Outlook?

    Thanks,

    - Steve

    Friday, August 06, 2010 12:44 AM
  • Hey Steven,

    There is a product from Siemens, that once a new OST copy is requested, it will check the certficate of the hardware ID of that PC in order to authenticate the request and then pass it to Exchange.

    Rgrds,

     

    Friday, August 06, 2010 3:56 PM
  • Hi Steve,

    Per my known, Exchange not support a method exactly for encryprion and security for your client data, at the other hand, many user need to open the ost when some information lost. Sure, if you want to do some security for your data, you could chose other method.

    Regards!
    Gavin
    • Marked as answer by Gavin-Zhang Friday, August 13, 2010 10:14 AM
    Tuesday, August 10, 2010 3:26 AM